Free cybersecurity resources and assessment for Canadian small and medium businesses. Based on the Canadian Centre for Cyber Security's Baseline Cyber Security Controls. https://cybersecuritycanada.ca/ 2026-03-07T00:00:00.000Z Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/building-an-incident-response-plan-for-your-canadian-business/ 2026-03-07T00:00:00.000Z 2026-03-07T00:00:00.000Z

The Canadian Centre for Cyber Security designates incident response planning as the first of its 13 Baseline Controls. Here is what the guidance says, what a plan includes, and what Canadian SMBs face without one.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/what-to-do-in-the-first-24-hours-after-a-cyber-attack/ 2026-02-28T00:00:00.000Z 2026-02-28T00:00:00.000Z

When a cyber attack hits, the decisions you make in the first hours determine how much damage your business sustains. This step-by-step guide walks Canadian small business owners through the critical first 24 hours.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/cyber-insurance-what-canadian-smbs-need-to-understand/ 2026-02-22T00:00:00.000Z 2026-02-22T00:00:00.000Z

Cyber insurance adoption among Canadian businesses remains low, and denied claims are making headlines. Here is what the market looks like, what insurers are requiring, and what happens when those requirements are not met.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/ransomware-what-canadian-businesses-need-to-know-before-during-and-after-an-attack/ 2026-02-21T00:00:00.000Z 2026-02-21T00:00:00.000Z

Ransomware remains the top cybercrime threat facing Canadian organizations. Here is what Canadian SMBs should do before an attack happens, what to do if one is underway, and how to recover.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/usb-drives-and-portable-media-the-security-risk-in-your-desk-drawer/ 2026-02-20T00:00:00.000Z 2026-02-20T00:00:00.000Z

USB drives remain one of the easiest ways for data to leave your business and one of the quietest ways for threats to get in. Here's what Canadian SMBs need to know.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/vendor-and-third-party-risk-how-your-suppliers-can-become-your-weakest-link/ 2026-02-14T00:00:00.000Z 2026-02-14T00:00:00.000Z

Your cybersecurity is only as strong as the least secure vendor with access to your systems or data. Here's how Canadian small businesses can assess and manage third-party risk without a dedicated security team.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/windows-notepad-vulnerability-what-canadian-businesses-should-know/ 2026-02-11T00:00:00.000Z 2026-02-11T00:00:00.000Z

A critical flaw in Windows Notepad could let attackers take control of your PC through a simple file. Here's what Canadian business owners need to know and do.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/notepad-plus-plus-supply-chain-attack-what-canadian-businesses-should-know/ 2026-02-10T00:00:00.000Z 2026-02-10T00:00:00.000Z

A Chinese state-sponsored group hijacked Notepad++ updates for months, delivering targeted malware through a trusted update channel. Here's what happened and what to do.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/the-hidden-cost-of-assuming-your-business-is-too-small-to-attack/ 2026-02-10T00:00:00.000Z 2026-02-10T00:00:00.000Z

The belief that your business is too small to be targeted isn't just wrong — it's the most expensive cybersecurity assumption a Canadian SMB can make. Here's what it actually costs.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/how-to-use-your-assessment-results/ 2026-02-07T00:00:00.000Z 2026-02-07T00:00:00.000Z

Completed the assessment? Here's how to interpret your score, prioritize improvements, and build a practical security roadmap for your organization.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/why-canadian-smbs-need-cybersecurity/ 2026-02-01T00:00:00.000Z 2026-02-01T00:00:00.000Z

Canadian small businesses face growing cyber threats. Learn why cybersecurity has become a business necessity, not just an IT concern.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/when-cyber-attacks-become-physical-threats/ 2026-01-28T00:00:00.000Z 2026-01-28T00:00:00.000Z

Cyber attacks don't always stay digital. Criminals are using email compromises, system hacks, and signal jamming as stepping stones to physical crimes like burglary and fraud.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/backup-and-recovery-assumptions-that-fail/ 2026-01-25T00:00:00.000Z 2026-01-25T00:00:00.000Z

Most businesses think their backups are fine — until they try to restore from them. Here are five common backup assumptions that fail during a real incident.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/why-your-business-needs-an-ai-usage-policy/ 2026-01-20T00:00:00.000Z 2026-01-20T00:00:00.000Z

Your employees are already using AI tools — with or without your knowledge. Here's why a clear AI usage policy protects your business and what it should cover.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/understanding-canadas-baseline-cyber-security-controls/ 2026-01-15T00:00:00.000Z 2026-01-15T00:00:00.000Z

The Canadian Centre for Cyber Security has published baseline controls specifically designed for small and medium organizations. Here's what you need to know.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/the-real-cost-of-cyber-downtime-for-canadian-smbs/ 2026-01-05T00:00:00.000Z 2026-01-05T00:00:00.000Z

When systems go offline due to a cyber incident, the costs go far beyond the ransom demand. Here's what Canadian small businesses actually face.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/business-email-compromise-canadas-most-costly-cyber-threat/ 2025-12-30T00:00:00.000Z 2025-12-30T00:00:00.000Z

Business email compromise doesn't use malware or exploit software vulnerabilities. It exploits trust — and it's responsible for more financial losses than any other form of cybercrime. Here's what Canadian businesses need to know.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/remote-work-security-for-canadian-businesses/ 2025-12-18T00:00:00.000Z 2025-12-18T00:00:00.000Z

Remote and hybrid work is here to stay. Here's how Canadian SMBs can keep their data secure when employees work outside the office.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/cloud-security-basics-for-canadian-small-businesses/ 2025-12-12T00:00:00.000Z 2025-12-12T00:00:00.000Z

Moving to the cloud doesn't mean your data is automatically secure. Microsoft 365, Google Workspace, and other cloud platforms require configuration — and the default settings often leave gaps. Here's what Canadian SMBs need to get right.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/how-to-recognize-phishing-emails/ 2025-12-05T00:00:00.000Z 2025-12-05T00:00:00.000Z

Phishing is the number one cyber threat to Canadian businesses. Learn the warning signs and how to protect your organization.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/employee-security-awareness-training-what-actually-works/ 2025-11-28T00:00:00.000Z 2025-11-28T00:00:00.000Z

Annual compliance videos don't change behaviour. Here's what the research says about effective security awareness training for Canadian small businesses — and how to build a program that actually reduces risk.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/password-security-what-canadian-businesses-get-wrong/ 2025-11-20T00:00:00.000Z 2025-11-20T00:00:00.000Z

Forced password rotation, short minimums, and no password manager — here are the most common password mistakes Canadian SMBs make and how to fix them.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/multi-factor-authentication-the-single-biggest-security-upgrade-for-canadian-smbs/ 2025-11-10T00:00:00.000Z 2025-11-10T00:00:00.000Z

MFA blocks over 99% of automated account attacks. It's free to enable on most business platforms, takes minutes to set up, and is increasingly required by cyber insurers. Here's what Canadian businesses need to know.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/why-cybercriminals-target-small-businesses/ 2025-11-01T00:00:00.000Z 2025-11-01T00:00:00.000Z

Small businesses are not too small to be targeted. Here's why cybercriminals see Canadian SMBs as attractive targets and what you can do about it.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/5-easy-cybersecurity-wins-for-canadian-small-businesses/ 2025-10-28T00:00:00.000Z 2025-10-28T00:00:00.000Z

You don't need a massive budget or a dedicated IT team to meaningfully improve your cybersecurity. These five actions can be implemented quickly and address the most common ways Canadian small businesses get breached.

Cybersecurity Canada https://cybersecuritycanada.ca/news/posts/canadas-privacy-landscape-what-small-businesses-need-to-know/ 2025-10-15T00:00:00.000Z 2025-10-15T00:00:00.000Z

PIPEDA, provincial laws, and breach reporting — a plain-language overview of the privacy obligations that apply to Canadian small businesses.

Cybersecurity Canada